You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"key exchange" is already common terminology for a different concept (derive session shared keys from identity keys, assumed already known and valid for each member). Please choose a different name. "the key validity problem" or "the PKI problem" would be more appropriate
have you heard of https://www.certificate-transparency.org/ ? their log has cryptographic properties that mean clients don't have to store the whole hash chain; they can store O(logn) of the tree and still be able to compare consistency with other clients. In fact, last I checked they still need to implement a gossip protocol between clients; you guys should work together.
it would be good to actually quantify the security provided by the gossip protocol. Neither CT nor you guys do that, you just hand-wave and say "attacks will be detected by clients talking to each other". Yes probably this will be true, but how probably?
The text was updated successfully, but these errors were encountered:
Someone pointed me to https://github.com/mutecomm/mute/blob/master/doc/keyexchangeproblem.md I took my liberty to write this drive-by review; hope you don't mind. :)
The text was updated successfully, but these errors were encountered: